XP/Vista IGMP buffer overflow - the code explained->
Submitted
by
HalvarFlake
HalvarFlake writes "With all the hoopla about the remotely exploitable, kernel-level buffer overflow discussed in today's security bulletin MS08-0001, what is the actual bug that triggers this ?
The bulletin doesn't give all that much information ...
This shockwave movie goes through the process of examining the "pre-patch" version of tcpip.sys and comparing it against the "post-patch" version of tcpip.sys. This comparison yields the actual code that causes the overflow: A mistake in the calculation of the required size in a dynamic allocation."
Link to Original Source
The bulletin doesn't give all that much information
This shockwave movie goes through the process of examining the "pre-patch" version of tcpip.sys and comparing it against the "post-patch" version of tcpip.sys. This comparison yields the actual code that causes the overflow: A mistake in the calculation of the required size in a dynamic allocation."
Link to Original Source
XP/Vista IGMP buffer overflow - the code explained More Login
XP/Vista IGMP buffer overflow - the code explained